---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: keycloak
  namespace: keycloak
  annotations:
    # kubernetes.io/ingress.class: "system-ingress"
    nginx.ingress.kubernetes.io/proxy-buffer-size: "128k"
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    cert-manager.io/cluster-issuer: "cluster-issuer"
    # Включение stiky sessions - по идее необходимо для кластера.
    nginx.ingress.kubernetes.io/affinity: "cookie"
    nginx.ingress.kubernetes.io/session-cookie-name: "kkstiky"
    nginx.ingress.kubernetes.io/session-cookie-expires: "172800"
    nginx.ingress.kubernetes.io/session-cookie-max-age: "172800"
spec:
  ingressClassName: "system-ingress"
  rules:
    - host: "keycloak.kryukov.local"
      http:
        paths:
          - path: /iam/auth/
            pathType: Prefix
            backend:
              service:
                name: kk-http
                port:
                  name: http
  tls:
  - hosts:
      - keycloak.kryukov.local
    secretName: keycloak-tls
